AMENDMENTS TO THE CLAIMS



This listing of claims will replace all prior versions and listings of claims in the 
application. 

Listing of Claims: 

1. (Currently amended) A method for running a tamper-resistant application
in a trusted environment, comprising: 

defining a trusted virtual machine environment that contains a 
trusted dictionary for protecting data, 

wherein the trusted dictionary having an associated secure count, 
comprises a subclass of a standard base class dictionary using any class that allows 
a storing and a retrieving of data values, wherein the trusted dictionary contains 
keywords and values encrypted with a secret including a key, and wherein the 
trusted dictionary includes a list of public keys;

wherein each time the secure count is incremented during operation of the 
application, the trusted dictionary is placed into an irreversible state, such that the 
trusted dictionary cannot be placed into a previous state by replacing a file
associated with the trusted dictionary with an older version of the file;



verifying the integrity of the application;

wherein, if the application is tampered with, the trusted virtual
machine environment prevents the application from accessing the secret in the
trusted dictionary, and further prevents changing of the trusted dictionary to the
previous state, thus disabling the normal operation of the application.

2. (Previously Presented) The method of claim 1, wherein if the integrity of
the application is confirmed, the trusted virtual machine environment allows the
application to access the secret in the trusted dictionary, thus enabling the normal
operation of the application.

3. (Original) The method of claim 2, wherein defining the trusted virtual 
machine environment comprises defining a trusted bundle for protecting a programming 
code of the application. 

4. (Original) The method of claim 3, wherein protecting the programming 
code comprises encrypting the programming code. 

5. (Original) The method of claim 4, wherein the trusted virtual machine 
environment decrypts the encrypted programming code using a decryption key from a 
media key block associated with the application. 

6. (Original) The method of claim 1, wherein defining the trusted virtual 
machine environment comprises using a security chip. 

7. (Original) The method of claim 3, wherein defining the trusted bundle 
comprises restricting access to instruction codes of the trusted bundle. 

8. (Original) The method of claim 1, further comprising encrypting the trusted 
dictionary. 

9. (Original) The method of claim 1, wherein defining the trusted virtual 
machine environment comprises defining at least two trusted bundles; and 

wherein the trusted dictionary is shared between at least some of the at least two 
trusted bundles, to maintain communication integrity between the at least two trusted 
bundles. 

10. (Original) The method of claim 1, wherein the application comprises a
player that plays copy-protected media. 

11. (Original) The method of claim 10, wherein the trusted dictionary contains 
one or more decryption keys to decrypt the copy-protected media. 

12. (Withdrawn) A method for producing a tamper-resistant application in a 
trusted virtual machine environment, comprising: 

determining whether any aspect of the application needs to be tamper-resistant; 

if any aspect of the application needs to be tamper-resistant, defining one or more 
trusted bundles to restrict access to a predefined set of application functions; 

running the one or more trusted bundles in a non-trusted virtual machine 
environment to debug the application; and 

deploying the application in the trusted virtual machine environment. 

13. (Withdrawn) The method of claim 12, wherein the aspect of the application 
comprises any one or more of: an integrity of the application, a secret key of the 
application, secret data, and a secret code. 

14. (Withdrawn) The method of claim 12, wherein determining whether any 
aspect of the application needs to be tamper-resistant comprises determining whether the 
application needs to access a trusted bundle in another application running in a trusted 
virtual machine environment. 

15. (Withdrawn) The method of claim 14, further comprising defining a trusted 
dictionary to be shared between the trusted bundles from the application and the other 
application. 

16. (Withdrawn) The method of claim 13, wherein if the aspect is any one of a
secret key or secret data, building a tool to generate at least one trusted dictionary with 
the secret key or the secret data. 

17. (Withdrawn) The method of claim 12, wherein the aspect of the application 
comprises preventing the application from being copied. 

18. (Withdrawn) The method of claim 17, further comprising designing a 
registration process to determine if the application has been copied. 

19. (Withdrawn) The method of claim 12, wherein the aspect of the application 
comprises preventing a user from resetting a count of activities of the application. 

20. (Withdrawn) The method of claim 19, further comprising designing a 
trusted dictionary to contain the count of activities. 

21. (Currently Amended) A computer program product having instruction 
codes for running a tamper-resistant application in a trusted environment, comprising: 

a first set of instruction codes for defining a trusted virtual machine 
environment that contains a trusted dictionary for protecting data, 

wherein the trusted dictionary having an associated secure count, 
comprises a subclass of a standard base class dictionary using any class that allows 
a storing and a retrieving of data values, wherein the trusted dictionary contains 
keywords and values encrypted with a secret including a key, and wherein the 
trusted dictionary includes a list of public keys;

wherein each time the secure count is incremented during operation of the 
application, the trusted dictionary is placed into an irreversible state, such that the 
trusted dictionary cannot be placed into a previous state by replacing a file
associated with the trusted dictionary with an older version of the file;

a second set of instruction codes for verifying the integrity of the
application;

wherein, if the application is tampered with, the trusted virtual 
machine environment prevents the application from accessing the secret in the 
trusted dictionary, and further prevents changing of the trusted dictionary to the 
previous state, thus disabling the normal operation of the application. 

22. (Previously Presented) The computer program product of claim 21, 
wherein if the integrity of the application is confirmed, the trusted virtual machine 
environment allows the application to access the secret in the trusted dictionary, thus 
enabling the normal operation of the application. 

23. (Original) The computer program product of claim 22, wherein the first set 
of instruction codes defines the trusted virtual machine environment by defining a trusted 
bundle for protecting a programming code of the application. 

24. (Original) The computer program product of claim 23, wherein the first set 
of instruction codes protects the programming code by encrypting the programming code. 

25. (Original) The computer program product of claim 24, wherein the trusted 
virtual machine environment decrypts the encrypted programming code using a decryption 
key from a media key block associated with the application. 

26. (Original) The computer program product of claim 21, wherein the first set 
of instruction codes defines the trusted virtual machine environment comprises using a 
security chip. 

27. (Original) The computer program product of claim 23, wherein the first
set of instruction codes defines the trusted bundle by restricting access to the trusted 
bundle. 

28. (Original) The computer program product of claim 21, further comprising a 
third set of instruction codes for encrypting the trusted dictionary. 

29. (Original) The computer program product of claim 21, wherein the first set 
of instruction codes defines the trusted virtual machine environment by defining at least 
two trusted bundles; and 

wherein the trusted dictionary is shared between at least some of the at least two 
trusted bundles, to maintain communication integrity between the at least two trusted 
bundles. 

30. (Original) The computer program product of claim 21, wherein the 
application comprises a player that plays copy-protected media. 

31. (Original) The computer program product of claim 30, wherein the trusted 
dictionary contains one or more decryption keys to decrypt the copy-protected media. 

32. (Withdrawn) A computer program product having instruction codes for 
producing a tamper-resistant application in a trusted virtual machine environment, 
comprising: 

a first set of instruction codes for determining whether any aspect of the 
application needs to be tamper-resistant; 

if any aspect of the application needs to be tamper-resistant, a second set of 
instruction codes defines one or more trusted bundles to restrict access to a predefined set 
of application functions; 

a third set of instruction codes for running the one or more trusted bundles in a
non-trusted virtual machine environment to debug the application; and 

a fourth set of instruction codes for deploying the application in the trusted virtual 
machine environment. 

33. (Withdrawn) The computer program product of claim 32, wherein the 
aspect of the application comprises any one or more of: an integrity of the application, a 
secret key of the application, secret data, and a secret code. 

34. (Withdrawn) The computer program product of claim 32, wherein the first 
set of instruction codes determines whether any aspect of the application needs to be 
tamper-resistant by determining whether the application needs to access a trusted bundle 
in another application running in a trusted virtual machine environment. 

35. (Withdrawn) The computer program product of claim 34, further 
comprising a fifth set of instruction codes for defining a trusted dictionary to be shared 
between the trusted bundles from the application and the other application. 

36. (Withdrawn) The computer program product of claim 33, wherein if the 
aspect is any one of a secret key or secret data, a sixth set of instruction codes builds a 
tool to generate at least one trusted dictionary with the secret key or the secret data. 

37. (Withdrawn) The computer program product of claim 32, wherein the 
aspect of the application comprises a seventh set of instruction codes for preventing the 
application from being copied. 

38. (Withdrawn) The computer program product of claim 37, further
comprising an eighth set of instruction codes for designing a registration process to
determine if the application has been copied. 

39. (Withdrawn) The computer program product of claim 32, wherein the 
aspect of the application comprises a ninth set of instruction codes for preventing a user 
from resetting a count of activities of the application. 

40. (Withdrawn) The computer program product of claim 39, further 
comprising a tenth set of instruction codes for designing a trusted dictionary to contain the 
count of activities. 

41. (Currently Amended) A system for running a tamper-resistant application 
in a trusted environment, comprising: 

a storage medium for storing a definition of a trusted virtual 
machine environment that contains a trusted dictionary for protecting data, 

wherein the trusted dictionary having an associated secure count, 
comprises a subclass of a standard base class dictionary using any class that allows 
a storing and a retrieving of data values, wherein the trusted dictionary contains 
keywords and values encrypted with a secret including a key, and wherein the 
trusted dictionary includes a list of public keys;

wherein each time the secure count is incremented during operation of the 
application, the trusted dictionary is placed into an irreversible state, such that the 
trusted dictionary cannot be placed into a previous state by replacing a file
associated with the trusted dictionary with an older version of the file;

a server, operatively coupled to the storage medium, for performing 
a verification of the integrity of the application; 

wherein, if the application is tampered with, the trusted virtual 
machine environment prevents the application from accessing secrets in the trusted
dictionary, and further prevents changing of the trusted dictionary to the previous 
state, thus disabling the normal operation of the application. 

42. (Previously Presented) The system of claim 41, wherein if the integrity of 
the application is confirmed, the trusted virtual machine environment allows the 
application to access the secrets in the trusted dictionary, thus enabling the normal 
operation of the application. 

43. (Previously Presented) The system of claim 42, wherein the definition of 
the trusted virtual machine environment comprises a definition of a trusted bundle for 
protecting a programming code of the application. 

44. (Previously Presented) The system of claim 43, wherein the protection of 
the programming code comprises an encryption of the programming code. 

45. (Previously Presented) The system of claim 44, wherein the trusted virtual 
machine environment decrypts the encrypted programming code using a decryption key 
from a media key block associated with the application. 

46. (Previously Presented) The system of claim 41, wherein the definition of 
the trusted virtual machine environment comprises the use of a security chip. 

47. (Previously Presented) The system of claim 43, wherein the definition of 
the trusted bundle comprises a restriction of access to instruction codes of the trusted 
bundle. 

48. (Previously Presented) The system of claim 41, further comprising an 
encryption of the trusted dictionary.

49. (Previously Presented) The system of claim 41, wherein the definition of 
the trusted virtual machine environment comprises a definition of at least two trusted 
bundles; and 

wherein the trusted dictionary is shared between at least some of the at least two 
trusted bundles, to maintain communication integrity between the shared trusted 
dictionary. 

50. (Previously Presented) The system of claim 41, wherein the application 
comprises a player that plays copy-protected media. 

51. (Previously Presented) The system of claim 50, wherein the trusted 
dictionary contains one or more decryption keys to decrypt the copy-protected media. 

52. (Withdrawn) A model for producing a tamper-resistant application in a 
trusted virtual machine environment, comprising: 

a determination of whether any aspect of the application needs to be
tamper-resistant;

if any aspect of the application needs to be tamper-resistant, a definition of one or 
more trusted bundles to restrict access to a predefined set of application functions; 

a run of the one or more trusted bundles in a non-trusted virtual machine 
environment to debug the application; and 

a deployment of the application in the trusted virtual machine environment. 

53. (Withdrawn) The model of claim 52, wherein the aspect of the application 
comprises any one or more of: an integrity of the application, a secret key of the 
application, secret data, and a secret code. 

54. (Withdrawn) The model of claim 52, wherein the determination of whether
any aspect of the application needs to be tamper-resistant comprises a determination of 
whether the application needs to access a trusted bundle in another application running in 
a trusted virtual machine environment. 

55. (Withdrawn) The model of claim 54, further comprising a definition of a 
trusted dictionary to be shared between the trusted bundles from the application and the 
other application. 

56. (Withdrawn) The model of claim 53, wherein if the aspect is any one of a 
secret key or secret data, a tool generates at least one trusted dictionary with the secret 
key or the secret data. 

57. (Withdrawn) The model of claim 52, wherein the aspect of the application 
comprises a prevention of the application from being copied. 

58. (Withdrawn) The model of claim 57, further comprising a design of a 
registration process to determine if the application has been copied. 

59. (Withdrawn) The model of claim 52, wherein the aspect of the application 
comprises a prevention of a user from resetting a count of activities of the application. 

60. (Withdrawn) The model of claim 59, further comprising a design of a 
trusted dictionary to contain the count of activities. 